NTLMv1 or NTLMv2 ?????
Oh how I love those clear security articles and CVE entries. With a score of 6.2 I suspect NTLMv1, which has been known to be insecure for a long time. And we kick it our wherever we see it, especially on domain controllers. NTLMv1 uses unsalted hashes, which makes it so dangerous.
But if NTLMv2 would be affected too this vulnerability this would be a completely different game, and it wouldn't be "only" a 6.2 score.
I hope they will update the msrc article soon.